Yahoo Hosts Phishing Sites

A phishing website is a webpage created to copy the entire content and all the elements of another page to trick its visitors and to obtain private information such as credit card numbers or bank accounts. Although it's illegal, more and more users are attracted by this action because they can earn money fast and easy. In the past, many companies tried to take action against pishers, many hackers being arrested and sentenced to prison.

Blogger Michael Sutton made a review of the Google Blacklist, a collection of websites that are currently blocked by Google, to observe the most attacked websites from the internet. It looks like the most affected webpages are Ebay, PayPal and Bank of America, three organizations that are currently working with huge amounts of money. "Online auction website eBay was the most targeted with 23.46 per cent of fake sites, followed by online payments site PayPal with 23.17 per cent. Third was Bank of America with 16.42 per cent," according to IT Pro.

Google is working hard to record all the websites that are identified with phishing actions, developing several tools to create the list. Google Toolbar, a free browser tool designed by the company, is just one of the utilities that can send a malicious website directly to Google.

"I had expected to see a combination of social engineering attacks, known vulnerabilities and 0day attacks used on the sites with the majority falling into the first category. I was therefore somewhat surprised to find virtually all sites using straight social engineering attacks. I was also surprised to see that the top three targets - eBay, PayPal and Bank of America accounted for 63% of the active phishing sites. One amusing finding was that Yahoo! commonly hosts pages that phish...wait for it...Yahoo! credentials," Michael said.